AWS v6.78.0, Apr 24 25

AWS v6.78.0 published on Thursday, Apr 24, 2025 by Pulumi

aws.ec2clientvpn.Route

Explore with Pulumi AI

AWS v6.78.0 published on Thursday, Apr 24, 2025 by Pulumi

Example Usage

TypeScript
Python
Go
C#
Java
YAML

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const exampleEndpoint = new aws.ec2clientvpn.Endpoint("example", {
    description: "Example Client VPN endpoint",
    serverCertificateArn: exampleAwsAcmCertificate.arn,
    clientCidrBlock: "10.0.0.0/16",
    authenticationOptions: [{
        type: "certificate-authentication",
        rootCertificateChainArn: exampleAwsAcmCertificate.arn,
    }],
    connectionLogOptions: {
        enabled: false,
    },
});
const exampleNetworkAssociation = new aws.ec2clientvpn.NetworkAssociation("example", {
    clientVpnEndpointId: exampleEndpoint.id,
    subnetId: exampleAwsSubnet.id,
});
const example = new aws.ec2clientvpn.Route("example", {
    clientVpnEndpointId: exampleEndpoint.id,
    destinationCidrBlock: "0.0.0.0/0",
    targetVpcSubnetId: exampleNetworkAssociation.subnetId,
});

import pulumi
import pulumi_aws as aws

example_endpoint = aws.ec2clientvpn.Endpoint("example",
    description="Example Client VPN endpoint",
    server_certificate_arn=example_aws_acm_certificate["arn"],
    client_cidr_block="10.0.0.0/16",
    authentication_options=[{
        "type": "certificate-authentication",
        "root_certificate_chain_arn": example_aws_acm_certificate["arn"],
    }],
    connection_log_options={
        "enabled": False,
    })
example_network_association = aws.ec2clientvpn.NetworkAssociation("example",
    client_vpn_endpoint_id=example_endpoint.id,
    subnet_id=example_aws_subnet["id"])
example = aws.ec2clientvpn.Route("example",
    client_vpn_endpoint_id=example_endpoint.id,
    destination_cidr_block="0.0.0.0/0",
    target_vpc_subnet_id=example_network_association.subnet_id)

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2clientvpn"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleEndpoint, err := ec2clientvpn.NewEndpoint(ctx, "example", &ec2clientvpn.EndpointArgs{
			Description:          pulumi.String("Example Client VPN endpoint"),
			ServerCertificateArn: pulumi.Any(exampleAwsAcmCertificate.Arn),
			ClientCidrBlock:      pulumi.String("10.0.0.0/16"),
			AuthenticationOptions: ec2clientvpn.EndpointAuthenticationOptionArray{
				&ec2clientvpn.EndpointAuthenticationOptionArgs{
					Type:                    pulumi.String("certificate-authentication"),
					RootCertificateChainArn: pulumi.Any(exampleAwsAcmCertificate.Arn),
				},
			},
			ConnectionLogOptions: &ec2clientvpn.EndpointConnectionLogOptionsArgs{
				Enabled: pulumi.Bool(false),
			},
		})
		if err != nil {
			return err
		}
		exampleNetworkAssociation, err := ec2clientvpn.NewNetworkAssociation(ctx, "example", &ec2clientvpn.NetworkAssociationArgs{
			ClientVpnEndpointId: exampleEndpoint.ID(),
			SubnetId:            pulumi.Any(exampleAwsSubnet.Id),
		})
		if err != nil {
			return err
		}
		_, err = ec2clientvpn.NewRoute(ctx, "example", &ec2clientvpn.RouteArgs{
			ClientVpnEndpointId:  exampleEndpoint.ID(),
			DestinationCidrBlock: pulumi.String("0.0.0.0/0"),
			TargetVpcSubnetId:    exampleNetworkAssociation.SubnetId,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var exampleEndpoint = new Aws.Ec2ClientVpn.Endpoint("example", new()
    {
        Description = "Example Client VPN endpoint",
        ServerCertificateArn = exampleAwsAcmCertificate.Arn,
        ClientCidrBlock = "10.0.0.0/16",
        AuthenticationOptions = new[]
        {
            new Aws.Ec2ClientVpn.Inputs.EndpointAuthenticationOptionArgs
            {
                Type = "certificate-authentication",
                RootCertificateChainArn = exampleAwsAcmCertificate.Arn,
            },
        },
        ConnectionLogOptions = new Aws.Ec2ClientVpn.Inputs.EndpointConnectionLogOptionsArgs
        {
            Enabled = false,
        },
    });

    var exampleNetworkAssociation = new Aws.Ec2ClientVpn.NetworkAssociation("example", new()
    {
        ClientVpnEndpointId = exampleEndpoint.Id,
        SubnetId = exampleAwsSubnet.Id,
    });

    var example = new Aws.Ec2ClientVpn.Route("example", new()
    {
        ClientVpnEndpointId = exampleEndpoint.Id,
        DestinationCidrBlock = "0.0.0.0/0",
        TargetVpcSubnetId = exampleNetworkAssociation.SubnetId,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2clientvpn.Endpoint;
import com.pulumi.aws.ec2clientvpn.EndpointArgs;
import com.pulumi.aws.ec2clientvpn.inputs.EndpointAuthenticationOptionArgs;
import com.pulumi.aws.ec2clientvpn.inputs.EndpointConnectionLogOptionsArgs;
import com.pulumi.aws.ec2clientvpn.NetworkAssociation;
import com.pulumi.aws.ec2clientvpn.NetworkAssociationArgs;
import com.pulumi.aws.ec2clientvpn.Route;
import com.pulumi.aws.ec2clientvpn.RouteArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var exampleEndpoint = new Endpoint("exampleEndpoint", EndpointArgs.builder()
            .description("Example Client VPN endpoint")
            .serverCertificateArn(exampleAwsAcmCertificate.arn())
            .clientCidrBlock("10.0.0.0/16")
            .authenticationOptions(EndpointAuthenticationOptionArgs.builder()
                .type("certificate-authentication")
                .rootCertificateChainArn(exampleAwsAcmCertificate.arn())
                .build())
            .connectionLogOptions(EndpointConnectionLogOptionsArgs.builder()
                .enabled(false)
                .build())
            .build());

        var exampleNetworkAssociation = new NetworkAssociation("exampleNetworkAssociation", NetworkAssociationArgs.builder()
            .clientVpnEndpointId(exampleEndpoint.id())
            .subnetId(exampleAwsSubnet.id())
            .build());

        var example = new Route("example", RouteArgs.builder()
            .clientVpnEndpointId(exampleEndpoint.id())
            .destinationCidrBlock("0.0.0.0/0")
            .targetVpcSubnetId(exampleNetworkAssociation.subnetId())
            .build());

    }
}

resources:
  example:
    type: aws:ec2clientvpn:Route
    properties:
      clientVpnEndpointId: ${exampleEndpoint.id}
      destinationCidrBlock: 0.0.0.0/0
      targetVpcSubnetId: ${exampleNetworkAssociation.subnetId}
  exampleNetworkAssociation:
    type: aws:ec2clientvpn:NetworkAssociation
    name: example
    properties:
      clientVpnEndpointId: ${exampleEndpoint.id}
      subnetId: ${exampleAwsSubnet.id}
  exampleEndpoint:
    type: aws:ec2clientvpn:Endpoint
    name: example
    properties:
      description: Example Client VPN endpoint
      serverCertificateArn: ${exampleAwsAcmCertificate.arn}
      clientCidrBlock: 10.0.0.0/16
      authenticationOptions:
        - type: certificate-authentication
          rootCertificateChainArn: ${exampleAwsAcmCertificate.arn}
      connectionLogOptions:
        enabled: false

Create Route Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

new Route(name: string, args: RouteArgs, opts?: CustomResourceOptions);

@overload
def Route(resource_name: str,
          args: RouteArgs,
          opts: Optional[ResourceOptions] = None)

@overload
def Route(resource_name: str,
          opts: Optional[ResourceOptions] = None,
          client_vpn_endpoint_id: Optional[str] = None,
          destination_cidr_block: Optional[str] = None,
          target_vpc_subnet_id: Optional[str] = None,
          description: Optional[str] = None)

func NewRoute(ctx *Context, name string, args RouteArgs, opts ...ResourceOption) (*Route, error)

public Route(string name, RouteArgs args, CustomResourceOptions? opts = null)

public Route(String name, RouteArgs args)
public Route(String name, RouteArgs args, CustomResourceOptions options)

type: aws:ec2clientvpn:Route
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args RouteArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args RouteArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args RouteArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args RouteArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args RouteArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

TypeScript
Python
Go
C#
Java
YAML

var examplerouteResourceResourceFromEc2clientvpnroute = new Aws.Ec2ClientVpn.Route("examplerouteResourceResourceFromEc2clientvpnroute", new()
{
    ClientVpnEndpointId = "string",
    DestinationCidrBlock = "string",
    TargetVpcSubnetId = "string",
    Description = "string",
});

example, err := ec2clientvpn.NewRoute(ctx, "examplerouteResourceResourceFromEc2clientvpnroute", &ec2clientvpn.RouteArgs{
	ClientVpnEndpointId:  pulumi.String("string"),
	DestinationCidrBlock: pulumi.String("string"),
	TargetVpcSubnetId:    pulumi.String("string"),
	Description:          pulumi.String("string"),
})

var examplerouteResourceResourceFromEc2clientvpnroute = new com.pulumi.aws.ec2clientvpn.Route("examplerouteResourceResourceFromEc2clientvpnroute", com.pulumi.aws.ec2clientvpn.RouteArgs.builder()
    .clientVpnEndpointId("string")
    .destinationCidrBlock("string")
    .targetVpcSubnetId("string")
    .description("string")
    .build());

exampleroute_resource_resource_from_ec2clientvpnroute = aws.ec2clientvpn.Route("examplerouteResourceResourceFromEc2clientvpnroute",
    client_vpn_endpoint_id="string",
    destination_cidr_block="string",
    target_vpc_subnet_id="string",
    description="string")

const examplerouteResourceResourceFromEc2clientvpnroute = new aws.ec2clientvpn.Route("examplerouteResourceResourceFromEc2clientvpnroute", {
    clientVpnEndpointId: "string",
    destinationCidrBlock: "string",
    targetVpcSubnetId: "string",
    description: "string",
});

type: aws:ec2clientvpn:Route
properties:
    clientVpnEndpointId: string
    description: string
    destinationCidrBlock: string
    targetVpcSubnetId: string

Route Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Route resource accepts the following input properties:

ClientVpnEndpointId string: The ID of the Client VPN endpoint.
DestinationCidrBlock string: The IPv4 address range, in CIDR notation, of the route destination.
TargetVpcSubnetId string: The ID of the Subnet to route the traffic through. It must already be attached to the Client VPN.
Description string: A brief description of the route.

ClientVpnEndpointId string: The ID of the Client VPN endpoint.
DestinationCidrBlock string: The IPv4 address range, in CIDR notation, of the route destination.
TargetVpcSubnetId string: The ID of the Subnet to route the traffic through. It must already be attached to the Client VPN.
Description string: A brief description of the route.

clientVpnEndpointId String: The ID of the Client VPN endpoint.
destinationCidrBlock String: The IPv4 address range, in CIDR notation, of the route destination.
targetVpcSubnetId String: The ID of the Subnet to route the traffic through. It must already be attached to the Client VPN.
description String: A brief description of the route.

clientVpnEndpointId string: The ID of the Client VPN endpoint.
destinationCidrBlock string: The IPv4 address range, in CIDR notation, of the route destination.
targetVpcSubnetId string: The ID of the Subnet to route the traffic through. It must already be attached to the Client VPN.
description string: A brief description of the route.

client_vpn_endpoint_id str: The ID of the Client VPN endpoint.
destination_cidr_block str: The IPv4 address range, in CIDR notation, of the route destination.
target_vpc_subnet_id str: The ID of the Subnet to route the traffic through. It must already be attached to the Client VPN.
description str: A brief description of the route.

clientVpnEndpointId String: The ID of the Client VPN endpoint.
destinationCidrBlock String: The IPv4 address range, in CIDR notation, of the route destination.
targetVpcSubnetId String: The ID of the Subnet to route the traffic through. It must already be attached to the Client VPN.
description String: A brief description of the route.

Outputs

All input properties are implicitly available as output properties. Additionally, the Route resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
Origin string: Indicates how the Client VPN route was added. Will be add-route for routes created by this resource.
Type string: The type of the route.

Id string: The provider-assigned unique ID for this managed resource.
Origin string: Indicates how the Client VPN route was added. Will be add-route for routes created by this resource.
Type string: The type of the route.

id String: The provider-assigned unique ID for this managed resource.
origin String: Indicates how the Client VPN route was added. Will be add-route for routes created by this resource.
type String: The type of the route.

id string: The provider-assigned unique ID for this managed resource.
origin string: Indicates how the Client VPN route was added. Will be add-route for routes created by this resource.
type string: The type of the route.

id str: The provider-assigned unique ID for this managed resource.
origin str: Indicates how the Client VPN route was added. Will be add-route for routes created by this resource.
type str: The type of the route.

id String: The provider-assigned unique ID for this managed resource.
origin String: Indicates how the Client VPN route was added. Will be add-route for routes created by this resource.
type String: The type of the route.

Look up Existing Route Resource

Get an existing Route resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

TypeScript
Python
Go
C#
Java
YAML

public static get(name: string, id: Input<ID>, state?: RouteState, opts?: CustomResourceOptions): Route

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        client_vpn_endpoint_id: Optional[str] = None,
        description: Optional[str] = None,
        destination_cidr_block: Optional[str] = None,
        origin: Optional[str] = None,
        target_vpc_subnet_id: Optional[str] = None,
        type: Optional[str] = None) -> Route

func GetRoute(ctx *Context, name string, id IDInput, state *RouteState, opts ...ResourceOption) (*Route, error)

public static Route Get(string name, Input<string> id, RouteState? state, CustomResourceOptions? opts = null)

public static Route get(String name, Output<String> id, RouteState state, CustomResourceOptions options)

resources:  _:    type: aws:ec2clientvpn:Route    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

ClientVpnEndpointId string: The ID of the Client VPN endpoint.
Description string: A brief description of the route.
DestinationCidrBlock string: The IPv4 address range, in CIDR notation, of the route destination.
Origin string: Indicates how the Client VPN route was added. Will be add-route for routes created by this resource.
TargetVpcSubnetId string: The ID of the Subnet to route the traffic through. It must already be attached to the Client VPN.
Type string: The type of the route.

ClientVpnEndpointId string: The ID of the Client VPN endpoint.
Description string: A brief description of the route.
DestinationCidrBlock string: The IPv4 address range, in CIDR notation, of the route destination.
Origin string: Indicates how the Client VPN route was added. Will be add-route for routes created by this resource.
TargetVpcSubnetId string: The ID of the Subnet to route the traffic through. It must already be attached to the Client VPN.
Type string: The type of the route.

clientVpnEndpointId String: The ID of the Client VPN endpoint.
description String: A brief description of the route.
destinationCidrBlock String: The IPv4 address range, in CIDR notation, of the route destination.
origin String: Indicates how the Client VPN route was added. Will be add-route for routes created by this resource.
targetVpcSubnetId String: The ID of the Subnet to route the traffic through. It must already be attached to the Client VPN.
type String: The type of the route.

clientVpnEndpointId string: The ID of the Client VPN endpoint.
description string: A brief description of the route.
destinationCidrBlock string: The IPv4 address range, in CIDR notation, of the route destination.
origin string: Indicates how the Client VPN route was added. Will be add-route for routes created by this resource.
targetVpcSubnetId string: The ID of the Subnet to route the traffic through. It must already be attached to the Client VPN.
type string: The type of the route.

client_vpn_endpoint_id str: The ID of the Client VPN endpoint.
description str: A brief description of the route.
destination_cidr_block str: The IPv4 address range, in CIDR notation, of the route destination.
origin str: Indicates how the Client VPN route was added. Will be add-route for routes created by this resource.
target_vpc_subnet_id str: The ID of the Subnet to route the traffic through. It must already be attached to the Client VPN.
type str: The type of the route.

clientVpnEndpointId String: The ID of the Client VPN endpoint.
description String: A brief description of the route.
destinationCidrBlock String: The IPv4 address range, in CIDR notation, of the route destination.
origin String: Indicates how the Client VPN route was added. Will be add-route for routes created by this resource.
targetVpcSubnetId String: The ID of the Subnet to route the traffic through. It must already be attached to the Client VPN.
type String: The type of the route.

Import

Using pulumi import, import AWS Client VPN routes using the endpoint ID, target subnet ID, and destination CIDR block. All values are separated by a ,. For example:

$ pulumi import aws:ec2clientvpn/route:Route example cvpn-endpoint-1234567890abcdef,subnet-9876543210fedcba,10.1.0.0/24

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: AWS Classic pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.

AWS v6.78.0 published on Thursday, Apr 24, 2025 by Pulumi

pulumi/pulumi-aws

aws.ec2clientvpn.Route

On this page

On this page

Example Usage

Create Route Resource

Constructor syntax

Parameters

Constructor example

Route Resource Properties

Inputs

Outputs

Look up Existing Route Resource

Import

Package Details

On this page

On this page